One 、 Vulnerability description

2022 year 5 month 6 Japan ,F5 The official website publishes safety announcements , Disclosure F5 BIG-IP There is a Remote Code Execution Vulnerability （CVE-2022-1388）. The flaw lies in iControl REST In the component , The vulnerability allows attackers who define authentication to pass BIG-IP Manage the interface and yourself IP The address of iControl REST API Interface for network access , As a result, arbitrary system commands can be executed on the target host 、 Create or delete files or disable BIG-IP Service on .

Components ：F5 BIG-IP iControl REST

Hole type ： Authentication bypasses

influence ： Command execution

sketch ： This vulnerability allows an unauthenticated attacker to pass through the management port or self body ip The address of BIG-IP System access , To perform duties Meaning system commands , Create or delete files and disable BIG-IP Service on .

Two 、 scope

BIG-IP 16.x: 16.1.0 - 16.1.2

BIG-IP 15.x: 15.1.0 - 15.1.5